The provision of a lawful interception is a requirement of national law, which is usually mandatory. From time to time, a network operator and/or a service provider will be required, according to a lawful authorization, to make available results of interception relating to specific identities to a specific interception authority or Law Enforcement Agency (LEA).
There are various aspects of interception. The respective national law describes under what conditions and with what restrictions interception is allowed. If a LEA wishes to use lawful interception as a tool, it will ask a prosecuting judge or other responsible body for a lawful authorization, such as a warrant. If the lawful authorization is granted, the LEA will present the lawful authorization to an access provider which provides access from a user's terminal to that network, to the network operator, or to the service provider via an administrative interface or procedure.
Such a lawful interception functionality is also needed in the packet switched part of new mobile or cellular data networks such as GPRS (General Packet Radio Services) or UMTS (Universal Mobile Telecommunications System) networks.
Generally, when monitoring communications made or received by a monitored party in, for instance, a GSM (Global System for Mobile communications) system, or the above mentioned new packet switched networks, problems can occur in correctly tracing the party to be monitored. The monitoring or interception criteria known by the authorities are normally the mobile destination identifier (such as the phone number) of the monitored subscriber, e.g. the MSISDN (Mobile Subscriber ISDN Number) or subscriber's mobile destination identifier. The interception activation is therefore usually based on the MSISDN. However, when criminals become aware of interception activities, they may for example use prepaid SIM (Subscriber Identity Module) cards so that MSISDN-based interception becomes rather difficult. Therefore, it might be considered to use the IMEI (International Mobile Station Equipment Identity) as the interception activation criteria, as it is more difficult and expensive for the monitored parties to change their equipment instead of usually free SIM cards. Moreover, there exists an additional information, the IMSI (International Mobile Subscriber Identity), that internally identifies the subscriber in a unique manner. However, the authority (normally the LEA but eventually also a licensed private agency or the like) activating the interception does not know the IMSI, so that the MSISDN is more convenient for practical use.
Usually, the MSISDN and the IMSI have a one-to-one correspondence, with the mapping information being stored in a subscriber database, e.g. the HLR (Home Location Register) or the HSS (Home Subscriber Server). Although, theoretically, the MSISDN can therefore be mapped to the IMSI using the subscriber database information, this mapping necessitates time consuming processes and should thus be avoided if possible. Furthermore, the subscriber database is regularly updated so that it is laborious to maintain correct mapping information in the interception devices.
In document WO 01/60098 A1, a monitoring system for collecting information on a party in a communication network is described. A monitoring device is adapted to detect the occurrence of identification data generated when a party is starting or receiving a communication, and collects this information in a database. For deciding on monitoring a communication, the database is addressed for comparing the actual identification information with the data stored in the database, and the monitoring of the party is started when the data corresponds to stored identifier data, such as the destination identifier of a party to be monitored, the party's identification data or the party's equipment identification data. By storing in the database a list of correspondence (concordance list) between the different identification information pointing to the monitored parties, an interception is also possible based on information which is normally not available. For instance, interception based on the IMEI is possible even for visitor subscribers without roaming contracts with their home networks, since no access to the subscriber database of the visitor subscriber network is required. A small database storing the identification information necessary for monitoring purposes is sufficient. In particular, the party's identification data stored in the database may be the IMSI, the MSISDN or IMUI (International Mobile User Identity), and the equipment identification stored in the database may be the IMEI.
According to the above known monitoring system, an interception device receives a notification whenever a tunnel or session is activated. These notification messages always contain the IMSI and optionally the MSISDN or the IMEI. The interception device then collects IMSI-MSISDN-IMEI triplets in the database, wherein the MSISDN or the IMEI may be missing. Furthermore, the database contains an information on whether the interception of a particular triplet is activated or not. When a triplet of a monitored party is received and the IMEI is found from the database but the IMSI does not map to the stored one, this means that the IMEI is now used with another SIM card. Therefore, the old IMEI is removed and a new item is added to the database.
Thus, at present, legal interception of voice or data traffic in cellular systems is possible based on the IMSI, the MSISDN or the IMEI mobile identifiers, wherein the MSISDN and the IMSI map to the SIM card, and the IMEI maps to the mobile station equipment.
However, suspects or parties to be intercepted have learned to evade the surveillance by e.g. using prepaid SIM cards and by switching their equipment, which is made possible by decreasing equipment prices and the fact that most operators nowadays offer prepaid SIM cards. Thus, it may not be possible for the authorities to keep intercepting a person's voice or data traffic based only on the MSISDN or IMSI number. Moreover, switching prepaid SIM cards between mobile phones generates a mobile station which is completely new in the system, such that it will not be detected even in IMEI-based surveillance.